Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

OpenSSL.SSL.SysCallError: (-1, 'Unexpected EOF')

See original GitHub issue

I run following code to retrieve a page on www.cnyes.com

import requests
url = 'https://www.cnyes.com/global/IndexImmediateQuotedPrice/'
r = requests.get(url)

Following errors occur

Actual Result

C:\ProgramData\Anaconda3\envs\p36\python.exe D:/projects/DailyReport/scripts/test/test_requests.py Traceback (most recent call last): File “C:\ProgramData\Anaconda3\envs\p36\lib\site-packages\urllib3\contrib\pyopenssl.py”, line 441, in wrap_socket cnx.do_handshake() File “C:\ProgramData\Anaconda3\envs\p36\lib\site-packages\OpenSSL\SSL.py”, line 1806, in do_handshake self._raise_ssl_error(self._ssl, result) File “C:\ProgramData\Anaconda3\envs\p36\lib\site-packages\OpenSSL\SSL.py”, line 1539, in _raise_ssl_error raise SysCallError(-1, “Unexpected EOF”) OpenSSL.SSL.SysCallError: (-1, ‘Unexpected EOF’)

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File “C:\ProgramData\Anaconda3\envs\p36\lib\site-packages\urllib3\connectionpool.py”, line 601, in urlopen chunked=chunked) File “C:\ProgramData\Anaconda3\envs\p36\lib\site-packages\urllib3\connectionpool.py”, line 346, in _make_request self._validate_conn(conn) File “C:\ProgramData\Anaconda3\envs\p36\lib\site-packages\urllib3\connectionpool.py”, line 850, in validate_conn conn.connect() File “C:\ProgramData\Anaconda3\envs\p36\lib\site-packages\urllib3\connection.py”, line 326, in connect ssl_context=context) File "C:\ProgramData\Anaconda3\envs\p36\lib\site-packages\urllib3\util\ssl.py", line 329, in ssl_wrap_socket return context.wrap_socket(sock, server_hostname=server_hostname) File “C:\ProgramData\Anaconda3\envs\p36\lib\site-packages\urllib3\contrib\pyopenssl.py”, line 448, in wrap_socket raise ssl.SSLError(‘bad handshake: %r’ % e) ssl.SSLError: (“bad handshake: SysCallError(-1, ‘Unexpected EOF’)”,)

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File “C:\ProgramData\Anaconda3\envs\p36\lib\site-packages\requests\adapters.py”, line 440, in send timeout=timeout File “C:\ProgramData\Anaconda3\envs\p36\lib\site-packages\urllib3\connectionpool.py”, line 639, in urlopen _stacktrace=sys.exc_info()[2]) File “C:\ProgramData\Anaconda3\envs\p36\lib\site-packages\urllib3\util\retry.py”, line 388, in increment raise MaxRetryError(_pool, url, error or ResponseError(cause)) urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host=‘www.cnyes.com’, port=443): Max retries exceeded with url: /global/IndexImmediateQuotedPrice/ (Caused by SSLError(SSLError(“bad handshake: SysCallError(-1, ‘Unexpected EOF’)”,),))

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File “D:/projects/DailyReport/scripts/test/test_requests.py”, line 9, in <module> r = requests.get(url) File “C:\ProgramData\Anaconda3\envs\p36\lib\site-packages\requests\api.py”, line 72, in get return request(‘get’, url, params=params, **kwargs) File “C:\ProgramData\Anaconda3\envs\p36\lib\site-packages\requests\api.py”, line 58, in request return session.request(method=method, url=url, **kwargs) File “C:\ProgramData\Anaconda3\envs\p36\lib\site-packages\requests\sessions.py”, line 508, in request resp = self.send(prep, **send_kwargs) File “C:\ProgramData\Anaconda3\envs\p36\lib\site-packages\requests\sessions.py”, line 618, in send r = adapter.send(request, **kwargs) File “C:\ProgramData\Anaconda3\envs\p36\lib\site-packages\requests\adapters.py”, line 506, in send raise SSLError(e, request=request) requests.exceptions.SSLError: HTTPSConnectionPool(host=‘www.cnyes.com’, port=443): Max retries exceeded with url: /global/IndexImmediateQuotedPrice/ (Caused by SSLError(SSLError(“bad handshake: SysCallError(-1, ‘Unexpected EOF’)”,),))

Some Information on Security Panel of Google Chrome DevTools

I use DevTools to Inspect www.cnyes.com:

Connection Protocol TLS 1.0 Key exchange RSA Cipher 3DES_EDE_CBC with HMAC-SHA1

Refer to the red circle on attach image. devtools

Firefox Developer Tools shows Cipher suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA firefox

System Information

$ python -m requests.help

{
  "chardet": {
    "version": "3.0.4"
  },
  "cryptography": {
    "version": "2.2.2"
  },
  "idna": {
    "version": "2.6"
  },
  "implementation": {
    "name": "CPython",
    "version": "3.6.5"
  },
  "platform": {
    "release": "8.1",
    "system": "Windows"
  },
  "pyOpenSSL": {
    "openssl_version": "1010008f",
    "version": "17.5.0"
  },
  "requests": {
    "version": "2.18.4"
  },
  "system_ssl": {
    "version": "100020bf"
  },
  "urllib3": {
    "version": "1.22"
  },
  "using_pyopenssl": true
}

Windows 8.1 Python 3.6.5 pip install request[security]

pip list Package Version

asn1crypto 0.24.0 certifi 2018.4.16 cffi 1.11.5 chardet 3.0.4 cryptography 2.2.2 idna 2.6 pip 10.0.1 pycparser 2.18 pyOpenSSL 17.5.0 requests 2.18.4 setuptools 39.1.0 six 1.11.0 urllib3 1.22 wheel 0.31.0 wincertstore 0.2

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Comments:8 (2 by maintainers)

github_iconTop GitHub Comments

3reactions
nateprewittcommented, May 12, 2018

@fygul, so this server is in a pretty sad state (ssl labs report). It’s primary cipher suites are RC4-MD5 and RC4-SHA which aren’t secure and it supports 3DES_EDE_CBC with HMAC-SHA1 with TLS1.0 to appease browsers. If you change the cipher string to only CIPHERS = 'DES-CBC3-SHA' it will connect, so there’s something else in the cipher string that the server is hanging on.

Since this isn’t supported with Requests default cipher suite and there’s a path forward for debugging, I’m going to close this out.

@wty1143, I’d suggest taking a look at your cipher string and seeing if this fixes your issue. If not, you can either use your browsers developer tools or openssl s_client -connect yourdomainhere.com:443 to determine what cipher suite is being negotiated.

0reactions
wty1143commented, May 11, 2018

@nateprewitt I also have tried the method you mentioned, but none of them fixed this issue. However, when I tested the same code with my old version requests (2.0.1 I think) with old version urllib3, the issue was gone.

So I am wondering what’s the critical difference between these two versions and why the manual cipher solution did not work well in this case.

Again, thanks for your help.

Read more comments on GitHub >

github_iconTop Results From Across the Web

OpenSSL.SSL.SysCallError: (-1, 'Unexpected EOF') #3965
I'm on Windows 10 with OpenSSL 1.0.1l 15 Jan 2015, python 3.4.3, Requests 2.13.10, and when attempting to connect to a website with...
Read more >
Python: SSLError, bad handshake, Unexpected EOF
We've seen similar issues start all of a sudden on a specific host. It turned out that the env variable was set there...
Read more >
SSL error during connection loss; OpenSSL.SSL.SysCallError ...
SSL.SysCallError: (-1, 'Unexpected EOF') During handling of the above exception, another exception occurred: Traceback (most recent call last): ...
Read more >
1249274 – OpenSSL.SSL.SysCallError: (-1, 'Unexpected EOF')
Description of problem: Can run build Version-Release number of selected component (if applicable): fedmsg-0.13.1-4.fc21.noarch How ...
Read more >
IP blocked? "Unexpected EOF" - Help
"Unexpected EOF" ... exceeded with url: /directory (Caused by SSLError(SSLError("bad handshake: SysCallError(-1, 'Unexpected EOF')"))).
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

utf-8 passwords in url don't work

Next page

problem with parsing: HTTPSConnectionPool